We have a ASP.NET web service that we want to upgrade, so that
It only works for connections made to it, using TLS 1.1+
All other connections are rejected/dropped.
While it's clear that the registry on the web server has to be updated to disable the older protocols, it is not clear as to how to upgrade the ASP.NET web service to TLS 1.1+
Are we good, if the application's DLLs are compiled against the .NET 4.5 framework? Or should we have to explicitly set the protocol in the web service code?
Which version of .Net Framework your app uses is relevant if any of the following is true:
Directly using the System.Net APIs (for example, System.Net.Http.HttpClient and System.Net.Security.SslStream).
Directly using WCF clients and services using the System.ServiceModel namespace.
Using Azure Cloud Services Web and Worker roles to host and run your application. See the Azure Cloud Services section.
See "Transport Layer Security (TLS) best practices with the .NET Framework"
Here's the link.
https://learn.microsoft.com/en-us/dotnet/framework/network-programming/tls
Related
So I'm creating a new .Net Framework 4.8 Web API in Visual Studio 2019 and I'm wanting to know how to create the API as a windows service? I can't seem to find any examples or online resources to do so. I can run the API locally in VS and it opens Chrome and shows the responses under the local IIS Server it spins up. How do I take this same project and compile it as a windows service while still using HTTPS?
Web API is fully capable of being self hosted on top of OWIN, and does not require IIS to run.
Web API self hosted is basically just a console app. So the techniques for turning a Web API console app into a Windows Service are the same as for any other .NET console app. You can use a service manager such as NSSM, or create a Windows service project directly (by inheriting from the appropriate classes, pretty messy) or use a library like TopShelf.
Note that it's generally not a good idea to directly expose this self hosted app directly to the public. IIS provides a lot of security benefits out of the box designed to protect against malicious requests. If you're planning to publicly expose it, make sure you stick a proxy in front of it that will fulfill those security needs.
We have a CRM/ERP web application (ASP.Net Forms) running on top of SharePoint (WSS and 201x).
On the other hand we have add-ins for Office (WPF) closely integrated to the web application via WCF services.
Both rely heavily on a WCF services project, in three ways:
WCF services called from code behind
AJAX-enabled client web services using webhttpbinding / enablewebscript
WCF services called from the add-ins.
However, there is a security concern.
In our current set-up, the WCF services need to be set to Anonymous authentication.
Otherwise our web application and add-ins won't work using the current configuration.
Our goal: to disable the anonymous access to the WCF services somehow, without breaking either the web application or add-ins.
This proved much less straight-forward than expected.
This is our typical set-up:
Extended SharePoint site (WSS / 201x). Alternate Access Mapping
configuration:
Default: Active Directory, NTLM.
Intranet: Membership Provider, Anonymous access.
ASP.Net web application runs within the main SharePoint web application (no sub web application in IIS).
WCF services project is configured in IIS as a 'sub' web application beneath the SharePoint web application.
This is what we came up with so far:
Added in the WCF services web.config
Changed Windows Authentication -> Advanced Settings to the following:
Extended Protection: Accept
[X] Enable Kernel-mode authentication
Changed client binding configuration of add-ins and web application to Security Mode TransportCredentialOnly with clientCredentialType Ntlm.
Above solution works in our SharePoint 2007 test environment in all three aforementioned places.
However in SharePoint 201x we can't get the WCF calls from within the web application to work.
At least not using the same client bindings as the add-ins (while the WCF calls from the add-ins also work in SharePoint 2013).
The error message we’re getting is: No credentials are available in the security package.
Another one we encountered is: Provider type not defined. (Exception from HRESULT: 0x80090017)
Question: How can we use WCF services non-anonymously from within a SharePoint web application and from WPF?
Any idea's on how to configure and call these in this scenario? (one way or another)
Any thoughts on this are greatly appreciated!
So I am playing around with Service Fabric for rolling out a system to the cloud, and so far I have most of the stateless services ported over and running well using ASP.NET Core.
I have another set of services that need to be stateful, and I would like to leverage .NET Core for those services as well. For those I will need to run a custom TCP protocol, not HTTP/WebAPI/WCF.
So the question is; is this possible? The templates only have a ASP.NET Core stateless service template. Can I build something like a .NET Core console application to run as a "Reliable Service"? If so, is there any documentation on how to do this?
Yes, it's possible.
You can create the .NET 4.5.1 stateful service via the template, and then port that project to .NET Core - we've done this and it works just fine.
There doesn't appear to be any official documentation on this process.
Objective:
We have a Windows Service/generic EXE that also hosts a WCF service (.Net 3.5). I'd like to be able to take a third party ASP.NET component in a DLL, and host it through that WCF Service.
Is this possible to do, in any way?
It seems like if you want to host a ASP.NET app, it must be through IIS, but we don't use IIS.
Is there any way that we could load the ASP.NET app into memory, make the app available through an endpoint, and receive requests back from the app?
Specifically, we'd like to take the "Microsoft.ReportViewer.WebForms.dll", expose the web form in a web page, and accept any requests back from the web form.
http://msdn.microsoft.com/en-us/library/ms251723.aspx
Looking for anything to get me started. Thx.
From owin.org
"OWIN defines a standard interface between .NET web servers and web applications. The goal of the OWIN interface is to decouple server and application, encourage the development of simple modules for .NET web development, and, by being an open standard, stimulate the open source ecosystem of .NET web development tools."
Essentially Owin implementations, like Katana (OWIN implementations for Microsoft servers and frameworks.), help you self host web apps, even in a Windows NT Service.
According to this post, hosting a WebForms app outside IIS/ASP.NET is not possible.
WebForms are tightly coupled to ASP.NET/IIS and cannot run directly on
OWIN/Katana (e.g. outside of ASP.NET/IIS). However, you should be able
to use Katana's middleware (Security, CORS, etc.) in a WebForms
application.
http://katanaproject.codeplex.com/discussions/571291
I don't know this is a right forum for my question or not?
I am new in Web Services. Today i just open VS2008 and found 3 type of SERVICE project
Window Service
WCF Service application
ASP.NET web service application
Please help me to find out the difference between these three projects?
When should we decide which type of project?
Very short explanation:
Windows service is as it states a service running on Windows OS. For example, indexing service running on Windows machine is a Windows service.
Asp.NET Web Service is a service that can only be used via http and is hosted on server.
WCF is a framework, layer or platform that enables you to create multiplatform services that can communicate with each other. WCF services supports more protocols. Can be hosted by server, application or used by other services. You can use WCF to create a web service or a windows service.
A newer and easier approach for creating lightweight web services is the stateless Web API. I suggest you download VS 2017 Community Edition, so you are not stuck with only those choices.